Re: LYNX-DEV A bit of a security issue...i guess :/

From:

Jonathan Sergent

Subject:

Re: LYNX-DEV A bit of a security issue...i guess :/

Date:

Mon, 04 Aug 1997 09:41:03 -0500

In message <address@hidden>, address@hidden writes:
]
] Hey, I tried to send this message once before but i guess your mailling
] list thing was being worked on or something.
]
] You block ports 25 and 19 in urls but youre not blocking the
] "wrap around" of it, when you add 65536 to the port.
] Hence you cant go to :25 but you can go to :65561.
] That pretty much makes the "Alert!: Port XX not permitted in URLs."
] useless.
]
] I already told jss about this and he said he is working on a
] patch for it.
]
] dynamo
I was waiting for this to show up in the mailing list before saying anything...
It makes sense just to % the port with 65536 in LYGetFile.c before checking it
against 19 and 25. Not worth making a patch, really...
--jss
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;